You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.
Course Of The Month
6 days, 9 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Exchange 2003 Server Queue Filling up!
Posted on 2012-12-27
I've read every article and have done practically everything. I've made sure there isn't an open relay, I've applied Recipient Filtering ( Checked "Filter recipients who are not in the Directory" ), Sender Filtering, Connection Filtering, Sender ID Filtering, I've gone to Default SMTP Virtual Server - Access - Relay and ticked "Only the list below" and unchecked "Allow all computers which successfully authenticate to relay regardless of the list above" as well as left the "Computer list" blank under "Only the list below", I've disabled port 25 on the firewall, changed the admin password, disabled accounts that weren't being used, enabled logging on NDRs and haven't seen the event id 1708 (to see if another account has been compromised), enabled Tar Pit, I've tested to make sure it isn't a DNS problem, and disabled NDR....
I'm still continuing to get hundreds of thousands of NDRs from unrecognized email accounts in the queue. I have no idea what to do to solve this problem :-( If someone could please point me in the right direction I'd appreciate it!
I'm still continuing to get hundreds of thousands of NDRs from unrecognized email accounts in the queue. I have no idea what to do to solve this problem :-( If someone could please point me in the right direction I'd appreciate it!
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2-
2
- +1
6 Comments
Maybe they are not yours, maybe someone is just spoofing your email accounts and you're just getting the NDRs.
Check the headers on the NDR to see where they originated from. Might not be your IP.
Check the headers on the NDR to see where they originated from. Might not be your IP.
Active 1 day ago
Does your server receive emails directly or via a 3rd party filter service?
If direct, trial Vamsoft (www.vamsoft.com) and the pain will go away.
I'm assuming the sender of the messages is Postmaster@yourdomain.loca
Alan
If direct, trial Vamsoft (www.vamsoft.com) and the pain will go away.
I'm assuming the sender of the messages is Postmaster@yourdomain.loca
Alan
Active 3 days ago
Even after closing the holes, you will still see messages pile up for some time afterwards. When a server has been abused, the spammer will send 1000s of messages as quickly as possible and it takes time for Exchange to process them. I have seen email contiue to pile up for six or seven hours after the server was disconnected from the internet. You will just have to wait it out unfortuantely.
Simon.
Simon.
The email has been piling up for over 24 hours. Message ID is adsfdjkafh234223@mail.mydo
Sender is noreply@mail.yahoo-inc.com
I've been constantly having to use the aqadmcli.exe tool to clear the queue :-( It's so wierd and I can't figure out where they are coming from. Anyone have any idea how I can stop this?
Sender is noreply@mail.yahoo-inc.com
I've been constantly having to use the aqadmcli.exe tool to clear the queue :-( It's so wierd and I can't figure out where they are coming from. Anyone have any idea how I can stop this?
Featured Post
Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
This article will help to fix the below errors for MS Exchange Server 2013
I. Certificate error "name on the security certificate is invalid or does not match the name of the site"
II. Out of Office not working
III. Make Internal URLs and Externa…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP, Windows Server…
- Ransomware
- Experts Exchange
- Windows XP
- Windows OS
- Windows Server 2008
- Windows Server 2003, Security
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you!
In this Micro Tutorial, you'll learn yo…
- Microsoft Applications
- Windows 10
- Windows OS
- Fonts Typography
- Windows 7, Microsoft Word
Suggested Courses
Course of the Month6 days, 9 hours left to enroll
726 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.